Module dev_snp.erl

This device offers an interface for validating AMD SEV-SNP commitments, as well as generating them, if called in an appropriate environment.

Function Index

execute_is_trusted/3 * - Ensure that all of the software hashes are trusted.
generate/3 - Generate a commitment report and emit it as a message, including all of the necessary data to generate the nonce (ephemeral node address + node message ID), as well as the expected measurement (firmware, kernel, and VMSAs hashes).
generate_nonce/2 * - Generate the nonce to use in the commitment report.
is_debug/1 * - Ensure that the node's debug policy is disabled.
real_node_test/0 *
report_data_matches/3 * - Ensure that the report data matches the expected report data.
trusted/3 - Validates if a given message parameter matches a trusted value from the SNP trusted list. Returns {ok, true} if the message is trusted, {ok, false} otherwise.
verify/3 - Verify a commitment report message, validating the identity of a remote node, its ephemeral private address, and the integrity of the report.

Function Details

execute_is_trusted/3 *

execute_is_trusted(M1, Msg, NodeOpts) -> any()

Ensure that all of the software hashes are trusted. The caller may set a specific device to use for the is-trusted key. The device must then implement the trusted resolver.

generate/3

generate(M1, M2, Opts) -> any()

Generate a commitment report and emit it as a message, including all of the necessary data to generate the nonce (ephemeral node address + node message ID), as well as the expected measurement (firmware, kernel, and VMSAs hashes).

generate_nonce/2 *

generate_nonce(RawAddress, RawNodeMsgID) -> any()

Generate the nonce to use in the commitment report.

is_debug/1 *

is_debug(Report) -> any()

Ensure that the node's debug policy is disabled.

real_node_test/0 *

real_node_test() -> any()

report_data_matches/3 *

report_data_matches(Address, NodeMsgID, ReportData) -> any()

Ensure that the report data matches the expected report data.

trusted/3

trusted(Msg1, Msg2, NodeOpts) -> any()

Validates if a given message parameter matches a trusted value from the SNP trusted list. Returns {ok, true} if the message is trusted, {ok, false} otherwise.

verify/3

verify(M1, M2, NodeOpts) -> any()

Verify a commitment report message, validating the identity of a remote node, its ephemeral private address, and the integrity of the report. The checks that must be performed to validate the report are:

1. Verify the address and the node message ID are the same as the ones used to generate the nonce.
2. Verify the address that signed the message is the same as the one used to generate the nonce.
3. Verify that the debug flag is disabled.
4. Verify that the firmware, kernel, and OS (VMSAs) hashes, part of the measurement, are trusted.
5. Verify the measurement is valid.
6. Verify the report's certificate chain to hardware root of trust.
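
The first four checks above, sketched as an added Erlang example that is not taken from dev_snp.erl: it shows how the nonce binds a report to one address and node message ID, and how the debug bit is read from the SEV-SNP guest policy. The module name, map keys, error atoms, trusted-list shape and the nonce layout (address followed by node message ID) are assumptions; checks 5 and 6 need the measurement and the AMD certificate chain and are not shown.

```erlang
%% Added example, not dev_snp.erl itself. Map keys, error atoms and the
%% nonce layout are assumptions made for illustration.
-module(snp_checks_example).
-export([check/3, demo/0]).

-define(POLICY_DEBUG_BIT, 19). % DEBUG bit in the SEV-SNP guest policy

%% Assumed layout: 32-byte address followed by 32-byte node message ID,
%% filling the 64-byte REPORT_DATA field of the report.
nonce(<<Addr:32/binary>>, <<MsgID:32/binary>>) ->
    <<Addr/binary, MsgID/binary>>;
nonce(_, _) ->
    invalid.

debug_enabled(Policy) ->
    (Policy bsr ?POLICY_DEBUG_BIT) band 1 =:= 1.

%% Run checks 1-4 in order and report the first one that fails.
check(Claim, Report, TrustedList) ->
    #{address := Addr, node_msg_id := MsgID, signer := Signer} = Claim,
    #{report_data := Data, policy := Policy, hashes := Hashes} = Report,
    first_failure([
        {nonce_mismatch, Data =:= nonce(Addr, MsgID)},
        {signer_mismatch, Signer =:= Addr},
        {debug_enabled, not debug_enabled(Policy)},
        {untrusted_software, lists:member(Hashes, TrustedList)}
    ]).

first_failure([]) -> ok;
first_failure([{_, true} | Rest]) -> first_failure(Rest);
first_failure([{Reason, false} | _]) -> {error, Reason}.

%% Constructed sample values; none come from a real node or report.
demo() ->
    Addr = binary:copy(<<16#AA>>, 32),
    MsgID = binary:copy(<<16#BB>>, 32),
    Hashes = #{firmware => <<"fw">>, kernel => <<"krn">>, vmsas => <<"vm">>},
    Claim = #{address => Addr, node_msg_id => MsgID, signer => Addr},
    Good = #{report_data => <<Addr/binary, MsgID/binary>>,
             policy => 16#30000, hashes => Hashes},
    Debug = Good#{policy := 16#30000 bor (1 bsl ?POLICY_DEBUG_BIT)},
    WrongNonce = Good#{report_data := <<MsgID/binary, Addr/binary>>},
    [check(Claim, R, [Hashes]) || R <- [Good, Debug, WrongNonce]].
```

Calling `snp_checks_example:demo()` runs one passing report, one with the debug bit set, and one whose report data was built from the same values in the wrong order.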